One desktop, multiple VMs

One reason for his enthusiasm, Wolf says, is the ability to run multiple virtual machines (VM) on top of a bare-metal client hypervisor. A user machine takes on a whole new personality under this type of architecture.

On a desktop computer outfitted with a client hypervisor, for example, you might find corporate-sanctioned and supported operating system and applications running on a locked-down VM. Personal applications, like iTunes and digital picture portfolios, as well as an individual's preferred operating system, would sit atop another VM.

What goes on in one VM has nothing to do with and is never impacted by any other VM on the same client and, perhaps best yet, IT doesn't have to support the personal VMs or anything running on them, Wolf says.

Likewise, you might find software developers running Linux and Windows VMs side by side on their desktops. The former would host their core development tools while the latter business applications like e-mail and calendaring, says Doug Lane, senior director of product management and marketing at Virtual Computer, a startup with a bare-metal client hypervisor called NxTop.

Enterprises might one day even offer "build your own PC" programs, much as many do today with cell phones. Employees can use a company-provided voucher to buy the computer model they like best from a predetermined list. They can run their personal and work environments on the same system, but all support comes from the PC maker, not internal IT, Wolf describes.

Virtual desktop infrastructure

Bare-metal client hypervisors also will play a big role in virtual desktop infrastructures in which virtual desktops are hosted at central sites and downloaded on user request. Because bare-metal hypervisors don't rely on the client operating system, IT can create or update one image - say by applying a Windows patch - and publish that out across the virtual desktop infrastructure.

In northern Florida, Virtual Computer's NxTop will help the Partnership For Strong Families fulfill its mission of getting caseworkers out on the road providing children services to those in need, says John Cook, systems administrator at the Gainesville organization. "We're changing the business, trying to get people more mobile and doing visits without having to keep running back to the office," he says.

Outfitting users with smartphones and laptops seemed a reasonable idea. But with laptops came a cumbersome encryption requirement to show compliance with the Health Insurance Portability and Accountability Act.

The smartphones weren't an issue; RIM's BlackBerry, the chosen device, comes with encryption and the ability to wipe and lockdown a unit remotely. The organization would have needed to buy either a software encryption package or an encrypted hard drive. That, plus other add-on software it would need, meant Partnership for Strong Families would have had several packages to pay for on top of the machines, Cook says.

A virtual computer is another story. "It offers us the possibility of doing all this stuff in one management console with one build, simplifying everything," he adds. Plus, NxTop uses encryption, and Cook can change permissions and lock down virtual laptops from the management console, addressing his security concerns.

Cook and his team have been beta testing NxTop, and are good to go with a production deployment this fall, he says. "We've already bought the basic licensing package."

By the end of the year, NxTop and other bare-metal client hypervisors will hit begin hitting the market. Besides start-ups such as Virtual Computer, these hypervisors will be available from virtualization mainstays such as Citrix Systems and VMware. And early next year, we should expect to see client hypervisors shipping on bare metal from desktop and laptop makers, Wolf says.

However, Wolf says he doesn't expect the technology to go mainstream for another two or three years. "It's going to take a couple of years for the management ecosystem to bake fully."